<?php
    include_once '../connection/databaseHandler.php';
    include_once '../connection/sessionHandler.php';
    $database = new DatabaseHandler();
    $session = new SessionHandler();

    //Mendapatkan semua informasi yang telah divalidasi di client-side
    $fullname = $_POST['fullname'];
    $username = $session->username;
    $password = md5($_POST['password']);
    $birthdate = $_POST['birthdate'];
    $location = $_POST['location'];
    $img_src = "./res/upload/";
    $img_extension = substr($_FILES["profpict"]["name"], strrpos($_FILES["profpict"]["name"], '.'));
    $new_img_location;
    if ($img_extension=="")
    {
        $query = "SELECT img_location FROM $database->t_user
                    WHERE username='$username'";
        $result = $database->execQuery($query);
        $row = mysql_fetch_array($result, MYSQL_ASSOC);
        $new_img_location = $row['img_location'];
    }
    else
    {
        move_uploaded_file($_FILES["profpict"]["tmp_name"], "../res/upload/" .($username).($img_extension));
        $new_img_location = $img_src.$username.$img_extension;
    }

    $query = "UPDATE  $database->t_user
                SET
                    fullname='$fullname',
                    password='$password',
                    birthdate='$birthdate',
                    location='$location',
                    img_location = '$new_img_location'
                WHERE
                    username='$username' ";
    if ($database->execQuery($query)) {
        $query="SELECT * FROM ".$database->t_user." WHERE username='".$username."' ";
        $result = $database->execQuery($query);
        $result = mysql_fetch_array($result);
        $session->setSession($result);
        header("location:../profile.php?ref=editSuccess");
    }
    else {
        header("location:../profile.php?ref=editFailed");
        die();
    }
    
    
?>
